Hi We recieved in Debian a bugreport regarding documentation of verify_callback. Daniel attached a patch for it [1]. Could you apply this to the next release?
[1] http://bugs.debian.org/606248 Bests Salvatore ----- Forwarded message from Daniel Kahn Gillmor <[email protected]> ----- From: Daniel Kahn Gillmor <[email protected]> Resent-From: Daniel Kahn Gillmor <[email protected]> Reply-To: Daniel Kahn Gillmor <[email protected]>, [email protected] X-Mailer: reportbug 4.12.6 Date: Tue, 07 Dec 2010 14:30:39 -0500 To: Debian Bug Tracking System <[email protected]> Subject: Bug#606248: libio-socket-ssl-perl: documentation of verify_callback argument needs update Package: libio-socket-ssl-perl Version: 1.35-1 Severity: normal Tags: patch The documentation of the SSL_verify_callback for IO::Socket::SSL seems to have drifted from its current implementation, and is difficult to read. The attached patch fixes both problems. Regards, --dkg -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.36-trunk-686 (SMP w/1 CPU core) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libio-socket-ssl-perl depends on: ii libnet-ssleay-perl 1.36-1 Perl module for Secure Sockets Lay ii netbase 4.43 Basic TCP/IP networking system ii perl 5.10.1-16 Larry Wall's Practical Extraction Versions of packages libio-socket-ssl-perl recommends: ii libnet-libidn-perl 0.12.ds-1+b1 Perl bindings for GNU Libidn Versions of packages libio-socket-ssl-perl suggests: pn libio-socket-inet6-perl <none> (no description available) -- no debconf information diff --git a/SSL.pm b/SSL.pm index 0cd640b..94fd994 100644 --- a/SSL.pm +++ b/SSL.pm @@ -1729,10 +1729,27 @@ See OpenSSL man page for SSL_CTX_set_verify for more information. If you want to verify certificates yourself, you can pass a sub reference along with this parameter to do so. When the callback is called, it will be passed: -1) a true/false value that indicates what OpenSSL thinks of the certificate, -2) a C-style memory address of the certificate store, -3) a string containing the certificate's issuer attributes and owner attributes, and -4) a string containing any errors encountered (0 if no errors). + +=over 4 + +=item 1. +a true/false value that indicates what OpenSSL thinks of the certificate, + +=item 2. +a C-style memory address of the certificate store, + +=item 3. +a string containing the certificate's issuer attributes and owner attributes, and + +=item 4. +a string containing any errors encountered (0 if no errors). + +=item 5. +a C-style memory address of the peer's own certificate (convertible to +PEM form with Net::SSLeay::PEM_get_string_X509()). + +=back + The function should return 1 or 0, depending on whether it thinks the certificate is valid or invalid. The default is to let OpenSSL do all of the busy work. _______________________________________________ pkg-perl-maintainers mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/pkg-perl-maintainers ----- End forwarded message -----
diff --git a/SSL.pm b/SSL.pm index 0cd640b..94fd994 100644 --- a/SSL.pm +++ b/SSL.pm @@ -1729,10 +1729,27 @@ See OpenSSL man page for SSL_CTX_set_verify for more information. If you want to verify certificates yourself, you can pass a sub reference along with this parameter to do so. When the callback is called, it will be passed: -1) a true/false value that indicates what OpenSSL thinks of the certificate, -2) a C-style memory address of the certificate store, -3) a string containing the certificate's issuer attributes and owner attributes, and -4) a string containing any errors encountered (0 if no errors). + +=over 4 + +=item 1. +a true/false value that indicates what OpenSSL thinks of the certificate, + +=item 2. +a C-style memory address of the certificate store, + +=item 3. +a string containing the certificate's issuer attributes and owner attributes, and + +=item 4. +a string containing any errors encountered (0 if no errors). + +=item 5. +a C-style memory address of the peer's own certificate (convertible to +PEM form with Net::SSLeay::PEM_get_string_X509()). + +=back + The function should return 1 or 0, depending on whether it thinks the certificate is valid or invalid. The default is to let OpenSSL do all of the busy work.
signature.asc
Description: Digital signature
